NFS4 Identity Mapping
Additional software may be required to get the ID mapping working at ETH.
The software is open source and can be found at
https://github.com/isginf/libnfsidmap-regex but has also been incorporated into the official
nfs-utils repository and is directly available in the nfs client packages of newer distributions.
Follow the instructions below to configure ID mapping your Linux.
Software
CentOS 7/8 and RHEL 7/8
Run the following command as
root to set up a
yum repository maintained by
isginf for installing and updating the package
libnfsidmap-regex:
curl -s https://install.inf.ethz.ch/isginf.key > /etc/pki/rpm-gpg/RPM-GPG-KEY-isginf
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-isginf
cat > /etc/yum.repos.d/isginf.repo <<__END__
[isginf]
name=isginf Extra Packages for \$releasever - \$basearch
baseurl=http://install.inf.ethz.ch/linux/software/el7/\$basearch/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-isginf
includepkgs=libnfsidmap-regex
__END__
Then run
yum -y install libnfsidmap-regex
Fedora
The plugin is part of the
libnfsidmapd package that is installed as a dependency of
nfs-utils.
Ubuntu 18.04 or Newer
The plugin is available as
libnfsidmapd-regex in the
universe repository. Just run
apt -y install libnfsidmap-regex
to install.
Configuration
Edit
/etc/idmapd.conf as
root, delete all existing text and copy-paste the content below:
[General]
Domain = ethz.ch
Local-Realms = D, D.ETHZ.CH
[Regex]
User-Regex = ^D\\([^@]+)@ETHZ.CH$
Group-Regex = ^([^@]+)@d.ethz.ch@ethz.ch$|^D\\([^@]+)@ETHZ.CH$
Prepend-Before-User = D\
Append-After-User = @ETHZ.CH
Append-After-Group = @d.ethz.ch@ethz.ch
[Translation]
Method = regex, nsswitch
[Groups]
domain users = users
rpm